felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: enforce indentation consistency across profile.

Browse source
This commit is contained in:
Alexandre Pujol 2024-10-16 23:36:13 +01:00
parent 6e2d817805
commit 37bafddc80
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
30 changed files with 181 additions and 182 deletions
Download patch file Download diff file Expand all files Collapse all files

18
apparmor.d/profiles-g-l/gamemoded
View file

@ -40,23 +40,23 @@ profile gamemoded @{exec_path} flags=(attach_disconnected) {
include <abstractions/base>
include <abstractions/authentication>
include <abstractions/nameservice-strict>
capability audit_write,
capability mknod,
capability setgid,
capability sys_ptrace,
ptrace read peer=gamemoded,
network netlink raw,
@{bin}/pkexec mr,
@{lib}/gamemode/{,**} r,
@{lib}/gamemode/cpugovctl ix,
@{lib}/gamemode/gpuclockctl ix,
@{lib}/gamemode/procsysctl ix,
/etc/security/limits.d/ r,
/etc/security/limits.d/@{int}-gamemode.conf r,
/etc/shells r,
@ -66,15 +66,15 @@ profile gamemoded @{exec_path} flags=(attach_disconnected) {
@{sys}/devices/system/cpu/ r,
@{sys}/devices/system/cpu/cpu@{int}/cpufreq r,
@{sys}/devices/system/cpu/cpufreq/policy@{int}/scaling_governor rw,
@{PROC}/@{pid}/fdinfo/@{int} r,
@{PROC}/@{pid}/loginuid r,
@{PROC}/@{pid}/stat r,
@{PROC}/sys/kernel/split_lock_mitigate rw,
include if exists <local/gamemoded_pkexec>
}
include if exists <local/gamemoded>
}

2
apparmor.d/profiles-g-l/ifup
View file

@ -85,7 +85,7 @@ profile ifup @{exec_path} {
/etc/network/if-up.d/ r,
/etc/network/if-up.d/*resolvconf rPUx,
/etc/network/if-up.d/resolved rPUx,
/etc/network/if-up.d/resolved rPUx,
/etc/network/if-up.d/chrony rPUx,
/etc/network/if-up.d/ethtool rPUx,
/etc/network/if-up.d/ifenslave rPUx,

48
apparmor.d/profiles-g-l/linuxqq
View file

@ -13,38 +13,38 @@ include <tunables/global>
@{exec_path} = @{bin}/linuxqq @{lib_dirs}/qq
profile linuxqq @{exec_path} flags=(attach_disconnected) {
include <abstractions/base>
include <abstractions/attached/consoles>
include <abstractions/audio-client>
include <abstractions/common/electron>
include <abstractions/fontconfig-cache-read>
include <abstractions/base>
include <abstractions/attached/consoles>
include <abstractions/audio-client>
include <abstractions/common/electron>
include <abstractions/fontconfig-cache-read>
network netlink raw,
network netlink dgram,
network inet stream,
network inet dgram,
network inet6 dgram,
network inet6 stream,
network netlink raw,
network netlink dgram,
network inet stream,
network inet dgram,
network inet6 dgram,
network inet6 stream,
@{exec_path} mrix,
@{exec_path} mrix,
@{sh_path} r,
@{bin}/grep rix,
@{lib_dirs}/chrome_crashpad_handler ix,
@{lib_dirs}/resources/app/{,**} m,
@{open_path} rPx -> child-open-strict,
@{sh_path} r,
@{bin}/grep rix,
@{lib_dirs}/chrome_crashpad_handler ix,
@{lib_dirs}/resources/app/{,**} m,
@{open_path} rPx -> child-open-strict,
/etc/machine-id r,
/etc/machine-id r,
@{att}/@{run}/systemd/inhibit/@{int}.ref rw,
@{run}/utmp r,
@{att}/@{run}/systemd/inhibit/@{int}.ref rw,
@{run}/utmp r,
owner @{PROC}/@{pid}/loginuid r,
owner @{PROC}/@{pid}/mounts r,
owner @{PROC}/@{pid}/loginuid r,
owner @{PROC}/@{pid}/mounts r,
/dev/tty rw,
/dev/tty rw,
include if exists <local/linuxqq>
include if exists <local/linuxqq>
}
# vim:syntax=apparmor